Running Your Own Top-Level Domain

Set up your own TLD in BIND for ease of navigation.

If you administer a network that uses private addressing, you’ve almost certainly encountered the disassociated schizophrenia of trying to maintain zone files that properly reflect internal and external IP addresses. With the introduction of Views in Bind 9, supporting multiple address ranges in a single domain has been significantly streamlined.

While using views is one way to attack the problem, consider the ease of setting up your own top-level domain. Normally, zone entries in named.conf look something like this:

zone "" {
        type master;
        file "data/";

This is an entry appropriate for an authoritative DNS server for the subdomain. The actual top-level domains (i.e., .com, .net, .org, .int, etc.) are only delegated to the mysterious 13 known as the root DNS servers. Even though your servers won’t be consulted by the rest of the Internet, it can be handy to set up your very own TLD that works only on your local network.

For example, suppose you have a group of machines that use the private network. These machines aren’t directly reachable from the Internet, and you don’t really want to advertise their DNS information to would-be network crackers. Try a non-standard TLD:

zone "bp" {
        type master;
        file "data/bp";
        allow-transfer { 192.168.1/24; };
        allow-query { 192.168.1/24; };

The bp is short for BackPlane—and, more to the point, the bp is just plain short. With the preceding code added to your zone file, set up a master record for bp just as you would any other domain:

$TTL 86400
@     IN SOA  ns.bp. root.homer.bp. (
                2002090100      ; Serial
                10800           ; Refresh after 3 hours
                3600            ; Retry after 1 hour
                604800          ; Expire (1 week)
                60              ; Negative expiry time

      IN NS           ns.bp.

ns            IN A       

homer         IN A       
bart                IN A
lisa                IN A

Reload named, and you should be able to simply ping homer.bp. If you’d like other name servers to maintain slave copies of your TLD, just add them as usual:

zone "bp" {
        type slave;
        file "db.bp";
        masters {; };

In this way, you can extend your new TLD across your entire private network architecture. If you’re running tunnels over the Internet [Hack #54] to connect remote offices or friends, support for your TLD could theoretically grow to be as large as you like. This is exactly what some wireless community networks (like NoCatNet and SeattleWireless) are doing. For example, users on SeattleWireless can browse to http://www.rob.swn/ to hit a web server that I host on the wireless network. This shortcut of using a custom TLD saves a lot of typing, doesn’t require Internet access to work, and is much easier than remembering IP addresses.

Get Wireless Hacks now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.